1 |
- Recon 00 - Recon 03 exercise on Pentester Lab
|
2 |
- Recon 04 - Recon 07 exercise on Pentester Lab
|
3 |
- Recon 08 - Recon 11 exercise on Pentester Lab
|
4 |
- Recon 12 - Recon 16 exercise on Pentester Lab
|
5 |
- Recon 17 - Recon 26 exercise on Pentester Lab
|
6 |
|
7 |
- Read about Authentication vulnerabilities
|
8 |
- Solve 3 authentication labs on the portswigger lab
|
9 |
- Solve 2 authentication labs on the portswigger lab
- Read blog on Account Takeover
|
10 |
- Solve 2 authentication labs on the portswigger lab
|
11 |
- Read write-ups on Authentication Vulnerabilities
|
12 |
- Read about Access Control vulnerabilities
|
13 |
- Solve 4 access control labs on the portswigger lab
- Read blog on Bypassing authorization in Google Cloud Workstations
|
14 |
- Solve 4 access control labs on the portswigger lab
|
15 |
|
16 |
- Solve 5 access control labs on the portswigger lab
|
17 |
- Read blog: I Found Information Exposed In GitHub,What Next?
|
18 |
|
19 |
|
20 |
|
21 |
|
22 |
|
23 |
- Watched videos on Broken Access Control & IDOR
|
24 |
|
25 |
|
26 |
|
27 |
|
28 |
|
29 |
|
31 |
|
32 |
|
33 |
|
34 |
|
35 |
|
36 |
|
37 |
|
38 |
|
39 |
- Read about Information Disclosure vulnerabilities
|
40 |
- Solve 2 Information Disclosure labs on the portswigger lab
|
41 |
- Solve 3 Information Disclosure labs on the portswigger lab
|
42 |
- Information Disclosure reports on Hackerone
|
43 |
- Information Disclosure videos & reports
|
44 |
- Information Disclosure blogs
|
45 |
- Tips for finding Information Disclosure vulnerability
|
46 |
- Video on API Information Disclosure
|
47 |
- Introduction to LDAP Injection Attack
|
48 |
- Facebook bug A Journey from Code Execution to S3 Data Leak
|
49 |
- Hacking the Search Bar The Story of Discovering and Reporting an XSS Vulnerability on Bing
|
50 |
|
51 |
- Thread on finding the real ip of a Cloudflare
|
52 |
- Hacking with ChatGPT: Ideal Tasks and Use-Cases
|
53 |
- How I found DOM-Based XSS on Microsoft MSRC and How they fixed it
|
54 |
- Hacking GraphQL API Using Suggestions
|
55 |
- Bypassing SSO Authentication from the Login Without Password Feature Lead to Account Takeover
|
56 |
- How I Used JS files inspection and Fuzzing to do admins/supports stuff
|
57 |
- How i was able to find Django Misconfiguration using Shodan
|
58 |
- $10.000 bounty for exposed .git to RCE
|
59 |
- Business logic vulnerabilities
|
60 |
- Solved 3 logic flaws labs on the portswigger
|
61 |
- Solved 3 logic flaws labs on the portswigger
|
62 |
- User can upload files even after closing his account (Improper Authentication-Generic gives 500$)
|
63 |
- How I was able to access 2 million user’s data in the web3 domain
|
64 |
- CORS Misconfig that ended in 120$ bounty
|
65 |
- Exposing Users Table From a Leaky GraphQL Query
|
66 |
- Finding Your First Bug: Business Logic Errors
|
67 |
- How I Found My First Bug (and earned $1k!) - Business Logic Tips
|
68 |
- Unauthorized access to Codespace secrets in GitHub
|
69 |
- The Story of Becoming a Super Admin
|
70 |
- Bugging Out: My Experience of Earning $300 for Reporting an Unexpected Bug
|
71 |
- I Earned $3500 and 40 Points for A GraphQL Blind SQL Injection Vulnerability.
|
72 |
- I QUIT RECON... and made $10,000 in bounties!
|
73 |
- How to Bug Bounty in 2023
|
74 |
- Utilizing The Burp-Suite Pentest Mapper Plugin V1.6.5
|
75 |
- How I Automate BugBounty Using Chatgp
|
76 |
- OTP Bypass India’s Biggest Finance Company.
|
77 |
- Logical Flaw Lead to Changing Price of Any Product
|
78 |
- Amazon cognito misconfiguration
|
79 |
- Easy $$$ via API params manipulation leading to bypassing the email verification block
|
80 |
- Price manipulation vulnerabilities
|
81 |
- How i found 8 vulnerabilities in 24h
|
82 |
- Information Disclosure — My First Finding on Hackerone!
|
83 |
- Unauthorized access to admin setpassword page BY bypassing 403 Forbidden
|
84 |
- Account takeover vulnerability in OpenAI
|
85 |
|
86 |
- The curl quirk that exposed Burp Suite & Google Chrome
|
87 |
- Hacker Interviews: rez0__
|
88 |
- How I earned $$$ with simple Privilege escalation
|
89 |
- Admin Dashboard Access through JavaScript Code $$$
|
90 |
- CVE-2021–36560: Critical Authentication Bypass Leads to Admin Account Takeover
|
91 |
- Privilege Escalation via Broken Authentication: A Story of $$
|
92 |
- How I got my 1st Swag from SIDN
|
93 |
- Users information disclosure
|
94 |
- Authentication Bypass Easy P1 in 10 minutes
|
95 |
- Pawning Half A dozen of Admin Panels & User Management Apps And Reporting 9–10 P1 in a day
|
96 |
- Uncover the Hidden Web: Discover the Power of Subfinder for Efficient Subdomain Enumeration
|
97 |
- Revealing my Private tool for Instant Bounties[Find Sensitive Info]
|
98 |
- Disclosing assigned users of any facebook applications connected to business account
|
99 |
- How I was able to change password of any corporate user
|
100 |
|
101 |
|
102 |
- Revealing a Logic Flaw in an E-commerce Website
|
103 |
- Net-banking OTP bypass in IDFC Bank but got dups
|
104 |
- Account Takeover By OTP Brute force
|
105 |
- How I got RCE in + 10 websites…
|
106 |
- Rukovoditel 3.3.1 — Remote Code Execution
|
107 |
- LFI to RCE via Log Poisoning
|
108 |
- A Big company Admin Panel takeover $4500
|
109 |
- How Deep Recon help me to get critical Bug in Xiaomi
|
110 |
- How I hacked hackers in Voorivex Hunt Event
|
111 |
- Bypassing Link Sharing Protection in Messenger Kids Parent’s Control Feature Meta Bug Bounty
|
112 |
- Bypassing 403s like a PRO! ($2,100): Broken Access control
|
113 |
|
114 |
- Exploit Privilege Escalation Like a Pro
|
115 |
|
116 |
|
117 |
- How I was able to access a properly Configured S3 Bucket
|
118 |
- How I accessed the Sensitive document which I had already deleted
|
119 |
- A Deep Dive on Katana "Field" Extraction
|
120 |
- Disclosed API key to list user information and complete Exploitation !!
|
121 |
- Little bug, Big impact. 25k bounty
|
122 |
|
123 |
- Extensive Recon Guide For Bug Hunting
|
124 |
- Accessing Admin Dashboard in 5 seconds: Hall of Fame.
|
125 |
- What is BOLA? 3-digit bounty from Topcoder ($$$)
|
126 |
- Simple Account Takeover Worth $9,999
|
127 |
- How a simple Directory Listing leads to PII Data Leakage, Remote Code Execution and many more vulnerabilities on a HR management subdomain
|
128 |
- How I found my first RCE!
|
129 |
- RCE due to Dependency Confusion — $5000 bounty!
|
130 |
|
131 |
- Subdomain Takeover leading to Full Account Takeover
|
132 |
- One Bug at a Time: I failed my quiz on purpose to get $1,000!
|
133 |
- Reconnaissance 104: Expanded Scanning
|
134 |
- IDOR in session cookie leading to Mass Account Takeover
|
135 |
- SQL injection on a hidden API endpoint
|
136 |
- Hardcore RCE via directory name for $3.000
|
137 |
- Th3G3nt3lman Shares His Recon Methodology and How He Consistently Collects $15,000 Bounties!
|
138 |
|
139 |
- 23000$ for Authentication Bypass & File Upload & Arbitrary File Overwrite
|
140 |
- Why You Should Always Check The Audit Log [Medium] — $500
|
141 |
- Exploiting SQL Error SQLSTATE[42000] To Own MariaDB of A Large Online Media Leader
|
142 |
- I helped the top Indian health benefits management platform from major PII leak by hacking their SQL Servers, AWS instance, DCs etc.
|
143 |
- Azure DNS Takeover @ Swisscom
|
144 |
- I Earned $3500 and 40 Points for A GraphQL Blind SQL Injection Vulnerability.
|
145 |
- How I got Owned A Multi-Billion Dollar Retailer’s MySQL Databases Using Simple SQL Injection
|
146 |
- IDOR Vulnerability that exposed 17 Million user data (IDOR Diaries)
|
147 |
- Utilizing Historical URLs of an Organization to successfully execute SQL queries — Blind SQLi
|
148 |
- Blind SSRF - The Hide & Seek Game
|
149 |
- The 30000$ Bounty Affair.
|
150 |
- Got Access To Server through SQL Injection.
|
151 |
- How I bypassed Two-Factor Authentication with 3 different methods on the same target
|
152 |
- Weird Improper Access Control Bug of $$$
|
153 |
- Exploiting SSRF like a Boss — Escalation of an SSRF to Local File Read!
|
154 |
- The Tale of a Command Injection by Changing the Logo
|
155 |
- How a misconfigured Lotus Domino Server can lead to Disclosure of PII Data of Employees, Configuration Details about the Active Directory, etc
|
156 |
- Breaking TikTok: Our Journey to Finding an Account Takeover Vulnerability
|
157 |
- Rate Limit Bypass Leads to 0 Click ATO
|
158 |
- How I Found Price Manipulation of Products Vulnerability
|
159 |
- How I was able to get account takeover via IDOR form JWT
|
160 |
- The Art of G-mail Hacking! → Secrets of Impersonation!
|
161 |
- Path traversal to RCE — Openfire — CVE-2023–32315
|
162 |
- SQL Injection in The HTTP Custom Header
|
163 |
- IDOR, unpin posts for fun.
|
164 |
- Pwning Admin Panel To Change Movie Ticket Prices at Disney
|
165 |
- An interesting 'dependency confusion' attack on
|
166 |
- PII Data Leakage and US$1500 Bounty
|
167 |
- Best approach to Error-Based SQL injection
|
168 |
- How Searching by IP Addresses Can Reveal Hidden Gems
|
169 |
- How I was able to send Emails Using Anyone’s Email Address via the Contact Us Functionality
|
170 |
- How I Unveiled a Critical Vulnerability: Exposing All Buyers’ Invoices PII with a Single Trick
|
171 |
- Hijacking S3 Buckets: New Attack Technique Exploited in the Wild by Supply Chain Attackers
|
172 |
- The Unexpected “0” Master ID for Account Data Manipulation
|
173 |
- Get a Feel of JWT ( JSON Web Token )
|
174 |
- Attacks on JSON Web Token (JWT)
|
175 |
- Exploiting Exposed Tokens and API Keys: Edition 2023
|
176 |
- The Power of Shodan - Leveraging Shodan for Critical Vulnerabilities
|
177 |
- My first two valid and rewarded Web Cache Deceptions, earning $2250
|
178 |
- How BAC(Broken Access Control) got me a Pre Account Takeover
|
179 |
- Account Takeover: Unraveling IDOR + Stored XSS Flaws in an NFT Marketplace
|
180 |
- My First Valid Report and Reward in BugBounty
|
181 |
|
182 |
- How i was able to get Account Takeover via Insecure Data Storage and WebView With Exported Activity
|
183 |
- I received a bounty of $60 for finding a critical bug in the patient management system.
|
184 |
- Exploiting Non-Cloud SSRF for More Fun & Profit
|
185 |
|
186 |
- Account Takeover (ATO) via Manipulation of the Change Password Funcionality
|
187 |
- A $1,000,000 bounty? The KuCoin User Information Leak
|
188 |
- Account takeover hidden in Javascript files.
|
189 |
- 10 tips for crushing bug bounties
|
190 |
- IDOR To Delete Hall Of Fame Page.
|
191 |
- How I got Two RCE at EPAM-Bounty Program
|
192 |
- Get All your Clickjacking Vulnerability Triaged with this Exploitation!
|
193 |
- Exploiting Time-Based SQL Injections: Data Exfiltration
|
194 |
- An interesting RCE on a Synack Red Team target!
|
195 |
- Server Side Request Forgery(SSRF){port issue hidden approch }
|
196 |
- Unveiling Vulnerabilities: How I Earned My First Bounty by Securing my Favorite Cyber Security YouTuber’s Website
|
197 |
|
198 |
- Blind SQL injection with a little WAF
|
199 |
- Chaining Multiple Website Vulnerabilities: My First Bug Hunt
|
200 |
- Understanding, Detecting, and Exploiting SSRF
|
201 |
- How I was Able To Bypass The Admin Panel
|
202 |
- Breaking Down SSRF on PDF Generation: A Pentesting Guide
|
203 |
- How a single quote (‘) may potentially destruct one of a biggest public transportation business
|
204 |
- How I Hacked the Department of Telecommunications?
|
205 |
- Analysis of CVE-2023-3519 in Citrix ADC and NetScaler Gateway (Part 2)
|
206 |
- How I found Subdomain Takeover on Red Bull
|
207 |
- How I was able to takeover 4000+ users account
|
208 |
- How I found two api vulnerabilities by analyzing JS source code
|
209 |
- How I Found a Vulnerability on Google and Earned a Hall of Fame Spot
|
210 |
- How I was able to cause a DoS via the Application (IP Restriction roles)
|
211 |
- Bypassing email verification of high-profile tech company ($$$)
|
212 |
- How I Discovered a Critical PII Info Disclosure Bug: A Journey Through the Wayback Machine
|
213 |
- Like a pro, navigating 403s! ($2,300): Access Issues
|
214 |
- HeapDump to account takeover to PII Data Leak
|
215 |
- Unveiling the Rate Limiting Issue: The Low Hanging Fruits Bounty Bonanza!3k$+
|
216 |
- Cross-Tenant Information Disclosure: Unraveling Microsoft Connections, Custom Connectors, and OAuth 2.0 in Power Automate
|
217 |
|
218 |
- Mastering Small Scope Programs: A Comprehensive Guide for Bug Hunting
|
219 |
- Mastering the Realm of GraphQL Exploitation
|
220 |
- Attacking Misconfigure Spring Boot Actuators
|
221 |
- PII-nacles of Discovery: Deep Recon, Fourth-Level Subdomains, and Abusing Exposed .git Repositories
|
222 |
- Finding “BAC - IDOR -PE” Within a Minute using Autorize Tool
|
223 |
- Templating the Unthinkable: From Injection to Remote Control
|
224 |
- Gone in a Click: IDOR Vulnerabilities in Image Upload Function
|
225 |
- How I Discovered Over 40+ Impactful Vulnerabilities Within 1 Hour, Just for Fun!
|
226 |
- Special Characters Manipulating in BugBounty
|
227 |
- Unveiling Vulnerabilities: Host-header injection in OAuth Functionality
|
228 |
- 10 Technical Tips with Hx01
|
229 |
- Customer account takeover in Shopify stores
|
230 |
|
231 |
- An IDOR lead joins any group makes me $2,500
|
232 |
- My first Bounty Worth $$$$
|
233 |
- The Ticket Hack: Free travel by hacking the Chennai Metro Rail.
|
234 |
- Bypass Two-Factor Authentication of Facebook Accounts ($25,300)
|
235 |
- How to expand your attack surface and avoid duplicates
|
236 |
- Compromised servers and downloaded source codes of a company
|
237 |
- I've made $500k+ from SSRF vulnerabilities.
|
238 |
- Privilege Escalation to Super Admin
|
239 |
- How i got more than 100 vulnerabilities in just one site?
|
240 |
- How a Shodan search led to Gold Mine
|
241 |
- Exploiting Wildcard for Privilege Escalation
|
242 |
- Stealing Login Credentials using HTTP Request Smuggling
|
243 |
- I was able to see all user information by manipulating parameters on the website.
|
244 |
- Leaking File Contents with a Blind File Oracle in Flarum
|
245 |
- Arbitrary account takeover vulnerability
|
246 |
- RCE on Application’s Tracking Admin Panel
|
247 |
- How I Got Free LinkedIn Premium Membership
|
248 |
- Uncovering Web Cache Deception: A Missed Vulnerability in the Most Unexpected Places
|
249 |
- A Comprehensive Approach for Testing for SQL Injection Vulnerabilities
|
250 |
- My debut with a Critical Bug: How I found my first bug (API misconfiguration)
|
251 |
- How I got $$$ from my First valid Bug
|
252 |
- How .js file helped me to find and Exploit AWS Access key and Secret
|
253 |
- HTTP Request Splitting vulnerabilities exploitation
|
254 |
- How do I search for Web Cache Deception?
|
255 |
- Unauthenticated Massive PII Leak
|
256 |
- Privilege Escalation: How I Earned $500 by Discovering the Ability to Delete Documents as a Student
|
257 |
- Mastering the Art of SQL Injection: A Comprehensive Guide
|
258 |
- How to find subdomain takeover using httpx + dig
|
259 |
- Exploiting Broken Access Control Vulnerability
|
260 |
- GraphQL APIs & Enumeration Basics
|
261 |
|
262 |
- OAuth Misconfiguration Leading to Unauthorized Admin Access For All Org Product
|
263 |
- How I Got 4 SQLI Vulnerabilities At One Target Manually Using The Repeater Tab
|
264 |
- Account takeover via misconfigured SSO [OIDC] implementation
|
265 |
- Getting RCE in Chrome with incorrect side effect in the JIT compiler
|
266 |
- RCE in Progress WS_FTP Ad Hoc via IIS HTTP Modules (CVE-2023-40044)
|
267 |
- Beyond Base64: The Vulnerability Leaving Millions of Calls Exposed
|
268 |
- Beyond Error Messages: Super Admin Deletion due to Broken Access Control (€€€)
|
269 |
- $1000 Bug using simple Graphql Introspection query
|
270 |
- $1,250 worth of Host Header Injection
|
271 |
- nOAuth: Account Takeover via Microsoft Oauth
|
272 |
- Bug Bounty Hunter — Captcha Bypass #Response-to-this-Request
|
273 |
- 403 Forbidden? No Problem, Here’s a POST XSS
|
274 |
- One Bug at a Time: Admin Panel Access I’m now an Employee!
|
275 |
- How to build custom scanners for web security research automation
|
276 |
|
277 |
- Privilege esclation allow user to delete pending invitation
|
278 |
- Using cloudflare to bypass cloudflare
|
279 |
|
280 |
- Multiple Organization Full account Take-over via privilege escalation
|
281 |
- $1120: ATO Bug in Twitter’s
|
282 |
- how to dig deep to found a tricky xss via 0auth redirect in blockchain platform and get $700
|
283 |
- Uncovering Security Vulnerabilities: A Deep Dive into an Eye-Opening Git Discovery
|
284 |
- Unauthorized Access to Admin Panel & SQL Injection
|
285 |
- CVE-2022-4908: SOP bypass in Chrome using Navigation API
|
286 |
- Here is how I Do my Recon fast automated bug bounty
|
287 |
- Sensitive Information Leak via Forgotten .DS_Store File on redacted.com
|
288 |
- Hunting for Hidden Treasures: Unveiling the 403 Bypass Bug Bounty Adventure
|
289 |
- How I Exposed Instagram's Private Posts by Blocking Users
|
290 |
- Delving into the Depths of NoSQL Injection: A Research Odyssey
|
291 |
- The single-packet attack: making remote race-conditions 'local'
|
292 |
- How I Discovered an Exposed API Access Token in a JavaScript File, Uncovering Sensitive Company’s Internal Data
|
293 |
- From user to admin gaining admin panel access
|
294 |
- Account Takeover via Business Logic
|
295 |
- Bypassing 2FA for Password Reset : By Request Manipulation 500$ Bug
|
296 |
- Full account takeover — Never give up
|
297 |
- Security Vulnerabilities in CasaOS
|
298 |
- A web cache deception chained to a CSRF, the recipe
|
299 |
- Business Logic Errors Can Be Your First Bug
|
300 |
- Akamai Bypass! Advanced XSS.
|
301 |
- Escalating debug mode in Django to RCE, SSRF, SQLi
|
302 |
- Compromising F5 BIG-IP With Request Smuggling
|
303 |
- DOM-based race condition: racing in the browser for fun
|
304 |
- IDOR - how to predict an identifier? Bug bounty case study
- How to hunt on restricted web applications protected behind a login page?
|
305 |
- Automating Boolean SQL Injection and Evading Filters
|
306 |
- Account Takeover via Weak OTP
|
307 |
- $7000 Bounty on a Single Web Application
- Blog Post: Bypassing an Admin Panel with SQL Injection
|
308 |
- How I was able to find BAC on the University website leading to result dumping?
- Graphql path traversal lead to disclosure of PII
- How Storing Credentials in the Source Code Can Lead to Account Takeover
- Uncovering a Vulnerability in Intercom Widget Chat Configuration
|
309 |
- My $750 Privilege Escalation Bug: How I Prevented Unauthorized Role Changes.
- How to exploit Self-Stored XSS Issues?
|
310 |
- Race Conditions with pipelining
|
311 |
- Discovering and Exploiting a XML External Entity (XXE) Vulnerability in a Public Bug Bounty Program
|
312 |
- Uncovering a Simple Web Cache Deception Vulnerability That Paid Off
- How can you effectively exploit Windows IIS targets?
|
313 |
- What types of DoS bugs will get you a bounty?
|
314 |
- Cloudflare Bypass leads to RXSS in Microsoft
- Mass hunting vulnerabilities with subdomain database feature of prettyrecon
|
315 |
- Unlocking Cash: Easy P1 Bug in Grafana Dashboard with Default Credentials = €€€€
|
316 |
- 1200$ IDOR Flaw: Allow Attacker To Approve Project Time Tracking
- AI Quickly Exposes 2-Minute DOM XSS in JavaScript Translation
|
317 |
- The Art Of Zendesk Hijacking
- How I dropped a crit 0day XXE to full read SSRF in less than 6 hours.
|
318 |
- OwnCloud OAuth Token Steal leading to CRUD Filestore Access
|
319 |
- Idor That allowed me to get access to sensitive users files and share them
- HTTP is dead... Long live HTTP?!
|
320 |
- How I hacked Google’s bug tracking system itself for $15,600 in bounties
- Uncovering a crazy privilege escalation from Chrome extensions
|
321 |
- How to Generate Endless Attack Vectors on Web Applications
- Bug bounty tip for shopping site
- $1000 Bounty: How I scaled a Self-Redirect to an XSS in a web 3.0 system at Hackenproof
|
322 |
- Unlocking Important Resources with Email Verification Bypass
- Takeover other user's accounts using Login with Facebook
|
323 |
- Okta for Red Teamers — Perimeter Edition
|
324 |
- Account Hijacking via Invite Flows
- Privilege Escalation: Unauthorized Low-Privilege Users Creating Feature Bundles
|
325 |
- Chaining CORS by Reflected XSS to Steal Sensitive Data
- My First IDOR - Hiding in the Header Request
- Where to hunt for XXE (XML External Entity)
|
326 |
- Everything about full-time bug bounty
|
327 |
- Mass Hunting XSS vulnerabilities
- Semi-Automating IDORs: A Practical Approach to Working Smarter, Not Harder
|
328 |
- Building a free Burp Collaborator with Cloudflare Workers
- How to tackle unpredictable IDs in IDOR or RBAC Issues?
|
329 |
- How I Made $$$ Using Open-Redirect
- First massive bug: Noise’s AWS Bucket Misconfiguration
|
330 |
- Critical misconfiguration in Firebase
- How i get my first Logic Bug and how to find them
|
331 |
- How to approach restricted bug bounty programs with a single site in scope?
|
332 |
- Navigating Risks: Vulnerability Stemming from a Third-Party Integration
- Unlocking GraphQL's Hidden Potential
|
333 |
- PII Disclosure Worth $750
- DoS via Password Strength Checker Function
|
334 |
- How to Spot CORS Misconfigurations?
|
335 |
- Race Condition - A cURL Chaos
|
336 |
- Where to find SSRF Issues?
|
337 |
- Business Logic Vulnerability: Payment bypass
- Tips for Approaching the Main App of a Program
|
338 |
- Hacking a Payment Processor
|
339 |
- PDF Upload Leading to Stored XSS
|
340 |
- How I Discovered SSRF on Hackerone Program
|
341 |
- Unraveling The Story of Multiple Admin Panel Compromises
|
342 |
- 3 Symfony (RCE): A Peek Behind the Curtain
|
343 |
- How to not implement payment features - Insights from Bugbounty
|
344 |
- Bypassing CSRF Protection Like a Pro
|
345 |
|
346 |
- Exploiting Django Debug Mode for Unrestricted Access to the Internal Dashboard?
|
347 |
- Remote Code execution at ws1.aholdusa.com — Compromising logins of Ahold Delhaize USA employees for >3.5 years (or even 18 years?)
|
348 |
- One port can be a costly mistake Attack The Rsync Service in a Private Program
|
349 |
- Escalating DOM XSS to Stored XSS
|
350 |
- Subdomain Takeover in Azure Trafficmanager for Fun & Profit
|
351 |
- SSTI gave me T-Shirt + € 50
- XSSRF : The Matrimony of XSS and SSRF.
|
352 |
|
353 |
- This Is The Story Of Making Almost $50,000 In Bounties From Adobe's VIP Bug Bounty Program💰
|
354 |
- How I Found SQL Injection worth of $4,000 bounty
- The Ultimate Guide to Uncovering XSS Vulnerabilities at Scale
|
355 |
- CVE-2023–43837: Two-Factor Authentication (x2FA) Bypass Vulnerability in Roundcube Webmail Plugin
|
356 |
- The ART of Chaining Vulnerabilities
|
357 |
- Privilege escalation and arbitrary page tampering in Cloudflare Pages
|
358 |
- How I Discovered an RCE Vulnerability in Tesla, Securing a $10,000 Bounty
|
359 |
- Account takeover vulnerability that resulted in $2500 bounty!
|
360 |
- The Tale Of Insecure Deserialization: A Journey From Serialization To Exploitation
|
361 |
- How you can escalate XSS Issues to an Account Takeover
|
362 |
- Bug Bounty: The road to my first $1000 through hacking public websites
|
363 |
- How to Identify and exploit Akamai Cache Deception/Poisoning Issues?
|
364 |
- Sudomain Takeover via Shopify(Easy Bounty $$$$)
- New OWASP API Top 10 for Hackers
|
365 |
- 417$ Simple IDOR: Unauthorized Contact Details Modification
- From Google Dorking to Unauthorized AWS Account Access and Account Takeover
|